diff --git a/ansible/group_vars/all/docker-registry b/ansible/group_vars/all/docker-registry index 13e959fbe..2ace208ac 100644 --- a/ansible/group_vars/all/docker-registry +++ b/ansible/group_vars/all/docker-registry @@ -14,6 +14,9 @@ docker_registry_enabled: False # pull through cache. docker_registry_env: {} +# The network mode of the docker registry container. Default is 'host'. +docker_registry_network_mode: host + # The port on which the docker registry server should listen. # NOTE: This is set to 4000 rather than the default of 5000 to avoid clashing # with keystone. diff --git a/ansible/roles/docker-registry/defaults/main.yml b/ansible/roles/docker-registry/defaults/main.yml index 66c631ee1..f7ecce4d7 100644 --- a/ansible/roles/docker-registry/defaults/main.yml +++ b/ansible/roles/docker-registry/defaults/main.yml @@ -43,13 +43,17 @@ docker_registry_services: {{ {} | combine(docker_registry_env_tls if docker_registry_enable_tls | bool else {}) | combine(docker_registry_env_basic_auth if docker_registry_enable_basic_auth | bool else {}) | - combine(docker_registry_env_listen) | + combine(docker_registry_env_listen if docker_registry_network_mode == 'host' else {}) | combine(docker_registry_env) }} enabled: "{{ docker_registry_enabled }}" image: "{{ docker_registry_image_full }}" - network_mode: host + network_mode: "{{ docker_registry_network_mode }}" + ports: "{{ [docker_registry_port ~ ':5000'] if docker_registry_network_mode == 'bridge' else [] }}" volumes: "{{ docker_registry_volumes | select | list }}" +# The network mode of the docker registry container. +docker_registry_network_mode: host + # The port on which the docker registry server should listen. docker_registry_port: 5000 diff --git a/doc/source/configuration/reference/docker-registry.rst b/doc/source/configuration/reference/docker-registry.rst index dd459077d..44f768c66 100644 --- a/doc/source/configuration/reference/docker-registry.rst +++ b/doc/source/configuration/reference/docker-registry.rst @@ -27,9 +27,16 @@ Configuring the registry Docker Hub by setting REGISTRY_PROXY_REMOTEURL to "https://registry-1.docker.io". Note that it is not possible to push to a registry configured as a pull through cache. Default is ``{}``. +``docker_registry_network_mode`` + The network mode used for the docker registry container. Default is + ``host``. When set to ``bridge``, port mapping is configured to expose the + registry through port ``docker_registry_port``. ``docker_registry_port`` The port on which the docker registry server should listen. Default is - 4000. + 4000. When ``docker_registry_network_mode`` is set to ``host``, configures + the port used by the registry server inside the container. When + ``docker_registry_network_mode`` is set to ``bridge``, configures the + overlay network port. ``docker_registry_datadir_volume`` Name or path to use as the volume for the docker registry. Default is ``docker_registry``. diff --git a/etc/kayobe/docker-registry.yml b/etc/kayobe/docker-registry.yml index 7ba79ed90..ea6ca9c84 100644 --- a/etc/kayobe/docker-registry.yml +++ b/etc/kayobe/docker-registry.yml @@ -14,6 +14,9 @@ # pull through cache. Default is an empty dict. #docker_registry_env: +# The network mode of the docker registry container. Default is 'host'. +#docker_registry_network_mode: + # The port on which the docker registry server should listen. Default is 4000. #docker_registry_port: diff --git a/releasenotes/notes/docker-registry-network-mode-3c678295b51d69c1.yaml b/releasenotes/notes/docker-registry-network-mode-3c678295b51d69c1.yaml new file mode 100644 index 000000000..17fb92408 --- /dev/null +++ b/releasenotes/notes/docker-registry-network-mode-3c678295b51d69c1.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Adds a new flag, ``docker_registry_network_mode``, which defaults to + ``host``. This may be used to set the network mode of the Docker registry + container.